An alarming rise in the number of corporate data breaches combined with a steady rise in the sophistication of spyware threats and distribution methods made 2005 the biggest year yet for spyware, according to latest State of Spyware report issued today by Webroot Software, the leading anti-spyware developer.
Consumers, small businesses and enterprises across the globe all experienced a record number of infection rates for the worst types of spyware in 2005 according to the report which contains data and information on the spyware plague for all of 2005. Most alarming was the rise in the most malicious types of spyware - Trojan horses and system monitors. For enterprises, between Q3 and Q4 2005, the number of Trojan horse infections increased 9 percent and from Q2 to Q4 2005, the number of system monitors like keystroke loggers increased 50 percent consecutively each quarter.
"This past year was a boon for spyware criminals. Last month Webroot surveyed U.S. businesses and found that over half of respondents reported a spyware-disruption that resulted in lost revenue, a statistic mirrored by a recent FBI study which surmised that computer-related crimes such as spyware cost U.S. business $62 billion. That is 10 percent more than all identity fraud and over 60 times the cost of telecommunications fraud," said David Moll, CEO of Webroot Software. "This criminal enterprise we call spyware continues to advance in technology and sophistication. As long as the money and opportunities exist, so will spyware."
According to the report, 2005 was the worst year ever for data security losses. In all, more than 130 different security breaches exposed over 55 million Americans to a wide range of illegal activities, including the increased possibility of spyware infection and identity theft. Highly publicized security vulnerabilities in the software from two of America’s most recognizable companies - SONY BMG and Microsoft - highlighted the disastrous potential spyware exploits can have on both consumers and enterprises, and pushed many enterprises to evaluate their compliance with government regulations around protection of their information assets. Sony BMG’s decision to use rootkits in its digital rights management software set off not only a firestorm of criticism, but also a firestorm of hackers and spyware purveyors determined to use the rootkit to install the most malicious types of spyware. Microsoft experienced a similar rash of criticism when the company revealed a major vulnerability, a WMF flaw that hackers could use to access and take control of a user’s system.
The report also examines the effect data breaches had on the level of technology used by spyware developers. Throughout 2005 Webroot researchers observed a steady increase in the complexity and severity of spyware technology. Keyloggers using kernel-level drivers became increasingly common as the year progressed and the usage of polymorphic code continues to increase, according to the Webroot Threat Research Team, the company's internal research arm. While some security analysts attribute this continued rise in technology sophistication to spyware developers’ desire to capitalize on the increased number of published vulnerabilities, Webroot also found evidence that spyware developers are advancing their technology efforts to evade detection and removal, and maintain their revenue streams.
"Spyware criminals know that many users have some kind of Internet security application deployed on their PCs. These criminals also know that many of these applications do not protect users against the most advanced technologies such as Trojan horses and keyloggers. To capitalize on this security weakness, spyware criminals are increasingly relying on the most advanced technologies to infect users," added Moll. "The only way users can be protected against these types of threats is to use an anti-spyware software that is recognized as a best-of-breed solution and includes frequent, automatic updates."
The State of Spyware report is an in-depth review and analysis of the impact of spyware, adware and unwanted software on consumers and enterprises. The foundation for much of the analysis and trends reporting comes from Webroot's consumer and corporate SpyAudit tools and from online research culled by Phileas, Webroot's automated spyware research system. The SpyAudit tools invite both consumers and enterprises to scan specific PCs and determine spyware infection levels.